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A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36{a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED {35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 
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1)[X] Responsive to communication(s) filed on 31 October 2007 . 
2a)D This action is FINAL. 2b)E3 This action is non-finaL 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 
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4) IEI Claim(s) 1,2 and 4-21 is/are pending in the application. 
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6) E3 Claim(s) 1-2 and 4-21 is/are rejected. 
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8) D Claim(s) are subject to restriction and/or election requirement. 
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Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
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Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
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DETAILED ACTION 
Continued Examination Under 37 CFR 1.114 

A request for continued examination under 37 CFR 1.114, including the fee set forth in 
37 CFR 1.17(e), was filed in this application after final rejection. Since this application is 
eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1 . 1 7(e) 
has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 
37 CFR 1.114. Applicant's submission filed on 10/31/2007 has been entered. 

Response to Amendment 
Claim 3 has been cancelled. Applicant's arguments/amendments with respect to amended 
claims 1, 6-8, & 18-20 and original/previously presented claims 2, 4-5, 9-17, and 21 filed 
10/3 1/2007 have been fully considered but they are not persuasive. 

Response to Arguments 

Applicants contend that Mohammed et al. as combined with Brody et al. fail to 
teach/suggest the limitation included in the amended claims. Mohammed et al., taken in 
combination with Brody et al., teach/suggest an environment which incorporates a host facility 
and a portable computing device in a secure networked environment (as described below with 
reference to Mohammed et al.). Brody et al. specifically suggest personalizing a portable 
computing device/handheld device via a connection through a host/network (par. 33, lines 1-30). 
Various types of personalizations may occur by loading software to the PDA, as disclosed by 
Brody et al. (par. 94-96). Specifically, Brody et al. suggest that it would be beneficial to 
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incorporate a feature incorporated in the PDA which validates the software to ensure that no 
viruses have been implanted in the code (par. 105). All of these citings suggest that the 
motivation to combine Brody et al. and Mohammed et al would be to prevent the spread of 
viruses/worms during the personalization process, which is the point where many software 
applications are being downloaded to the PDA (par. 163). Therefore, it would have been 
obvious to one of ordinary skill, at the time the invention was made, to incorporate a validation 
check using a validation program which resides on the computer system, i.e. in the PDA or 
portable computing device which is coupled to the host device, so that if the software has 
malicious code there will be a means in place to at least try and prevent that device from 
becoming infected. Thus, the combination of Mohammed et al. and Brody et al. teach/suggest 
the claimed limitations. 

In response to applicant's argument that "the improvement is more that the predictable 
use of prior art elements according to their established function," the test for obviousness is not 
whether the features of a secondary reference may be bodily incorporated into the structure of 
the primary reference; nor is.it that the claimed invention must be expressly suggested in any one 
or all of the references. Rather, the test is what the combined teachings of the references would 
have suggested to those of ordinary skill in the art. See In re Keller, 642 F.2d 413, 208 USPQ 
871 (CCPA 1981). Mohammed et al. teach the formation of a secure networked environment 
(col. 16, lines 1-35). Specifically, Mohammed et al. teach that before an application can be 
allowed to be loaded in a networked environment, the source, NSA, must be validated as having 
the proper authorizations to that application (coh 16, lines 24-57), i.e. thereby creating a secure 
environment which comprises computer systems. Furthermore, one of ordinary skill in the art at 
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the time the invention was made would have been motivated to modify the system disclosed by 
Mohammed et al. to validate the software by a validating program residing in a component of the 
computer system, i.e. the PDA (since Applicants defined that the computer system comprises a 
host facility and a portable computing device coupled to the host facility), in a secure fashion. 
One would have been motivated to include the validation program in the PDA component of the 
computer system since Brody et al. suggest that it could be beneficial to incorporate a feature 
which validates the software to ensure that no viruses have been implanted into the code before 
downloading it to the PDA (par. 105 and par. 163). 

Due to the reasons stated above, the Examiner maintains rejections with respect to the 
pending claims. The prior arts of records taken singly and/or in combination teach the limitations 
that the Applicant suggests distinguish from the prior art. Therefore, it is the Examiner's 
conclusion that the pending claims are not patentably distinct or non-obvious over the prior art of 
record as presented. 

Claim Rejections - 35 USC §103 

I. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this title, if the 
differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole would have been 
obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter pertains. Patentability 
shall not be negatived by the manner in which the invention was made. 

II. Claims 1-2, 4-5, 7-13, 15-18, and 20-21 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Mohammed et al., US Patent No. 6,374,357 and further in view of Brody, US 
Pub. No. 2001/0051928. 
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As per claim 1: 

Mohammed et al. teach a method of ensuring the security of a computer system, 
comprising loading software on said computer system suitable for operating on the computer 
system (col. 6, lines 12-32 and col. 18, lines 13-15); prior to operating the software on the 
computer system, validating said software by the use of a validator program that scans the 
software that is loaded in a secure environment (col. 18, line 56 - col. 19, line 5); marking said 
software as valid or invalid by the use of a digital signature flag (col. 18, line 63 - col. 19, line 
15); and, denying said software the ability to operate on any environment within said computer 
system if said validator fails to identify said software as valid in order to ensure the security of 
said computer system (col. 19, lines 4-12). Furthermore, Mohammed et al. teach that the 
computing environment allows for various computing systems, one of which may be a handheld 
device (col. 6, lines 21-26). 

Not explicitly disclosed is wherein said method operates on a computer system which 
comprises a portable computing device coupled to said host computer where the software is 
validated by the use of a validator program, residing in the computer system in a secure fashion 
such that the validator programs scans the software that is loaded in a secure environment. 
However, Brody teaches a PDA coupled to a host device for personalization purposes. 
Furthermore, Brody et al. teach that one of the steps during the personalization process may be to 
scan the software before allowing it to be downloaded to the PDA to prevent from downloading 
an application with malicious code (par. 105). Therefore, it would have been obvious to a person 
in the art at the time the invention was made to modify the method disclosed in Mohammed et al. 
to have the hand-held device coupled to the host computer in order to carry out different 
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functions on the portable device, where one of the functions includes the PDA having a 
validation program stored in a secure fashion in order to scan the software. This modification 
would have been obvious because a person having ordinary skill in the art, at the time the 
invention was made, would have been motivated to do so since Brody suggests that PDA's are 
used in conjunction with PC's in order to download applications because PDA's are highly 
mobile and the client can always have access to his/her PDA, as well as to validate an application 
before downloading it to the PDA, in par. 33, lines 1-30 and par. 163. 
As per claim 2: 

Mohammed et al. and Brody et al. substantially teach the method described in claim 1. 
Furthermore, Mohammed et al. teach wherein said method operates on ah open platform 
computer system (col. 5, line 66 - col. 6, line 32). 
As per claim 4: 

Mohammed et al. and Brody et al. substantially teach the method described in claim 1. 
Furthermore, Mohammed et al. teach wherein said software is supplied by a third-party source 
(col. 9, lines 51-63). 
As per claim 5: 

Mohammed et al. and Brody et al. substantially teach the method described in claim 4. 
Furthermore, Mohammed et al. teach wherein said third-party software is for execution or other 
use on a palmtop computer (col. 6, lines 33-38). 
As per claim 7: 

Mohammed et al. and Brody et al. substantially teach the method described in claim 1 . 
Mohammed et al. also teach a host computer (col. 6, lines 33-38). Furthermore, Mohammed et 
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al. teach that the computing environment allows for various computing systems, one of which 
may be a handheld device (col. 6, lines 21-26). Not explicitly disclosed is wherein said method 
operates on a computer system which comprises a portable computing device coupled to said 
host computer. However, Brody teaches a PDA coupled to a host device for personalization 
purposes. Therefore, it would have been obvious to a person in the art at the time the invention 
was made to modify the method disclosed in Mohammed et al. to have the hand-held device 
coupled to the host computer in order to carry out different functions on the palmtop computing * 
device. This modification would have been obvious because a person having ordinary skill in 
the art, at the time the invention was made, would have been motivated to do so since Brody 
suggests that PDA's are used in conjunction with PC's in order to download applications because 
PDA's are highly mobile and the client can always have access to his/her PDA in par. 33, lines 
1-30. 

As per claim 8: 

Mohammed et al. substantially teach an apparatus for ensuring the security of software in 
a computer system, comprising a validation program that is capable of validating said software 
by first scanning said software that is loaded in a secure environment (col. 18, line 56 - col. 19, 
line 5); marking said software as valid or invalid by the use of a digital signature flag (col. 18, 
line 63 - col. 19, line 15); and, denying said software the ability to operate in any environment 
on said computer system if said validator program fails to identify said software as valid in order 
to ensure the security of said computer system (col. 19, lines 4-12). Furthermore, Mohammed et 
al. teach that the computing environment allows for various computing systems, one of which 
may be a handheld device (col. 6, lines 21-26). 
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Not explicitly disclosed is wherein said method operates on a computer system which 
comprises a portable computing device coupled to said host computer where the software is 
validated by the use of a validator program, residing in the computer system in a secure fashion 
such that the validator programs scans the software that is loaded in a secure environment. 
However, Brody teaches a PDA coupled to a host device for personalization purposes. 
Furthermore, Brody et al. teach that one of the steps during the personalization process may be to 
scan the software before allowing it to be downloaded to the PDA to prevent from downloading 
an application with malicious code (par. 105). Therefore, it would have been obvious to a person 
in the art at the time the invention was made to modify the method disclosed in Mohammed et al. 
to have the hand-held device coupled to the host computer in order to carry out different 
functions on the portable device, where one of the functions includes the PDA having a 
validation program stored in a secure fashion in order to scan the software. This modification 
would have been obvious because a person having ordinary skill in the art, at the time the 
invention was made, would have been motivated to do so since Brody suggests that PDA's are 
used in conjunction with PC's in order to download applications because PDA's are highly 
mobile and the client can always have access to his/her PDA, as well as to validate an application 
before downloading it to the PDA, in par. 33, lines 1-30 and par. 163. 
As per claim 9: 

Mohammed et al. and Brody substantially teach the apparatus described in claim 8. 
Furthermore, Brody teaches wherein said host computer is coupled to a network (par. 33, lines 1- 
30). 

As per claim 10: 
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Mohammed et al. and Brody substantially teach the apparatus described in claim 8. 
Furthermore, Brody teaches wherein said portable computing device is a handheld computing 
device (par. 33, lines 1-30). 
As per claim 11: 

Mohammed et al. and Brody substantially teach the apparatus described in claim 8. 
Furthermore, Brody teaches wherein said portable computing device is a personal data assistant 
(par. 33, lines 1-30). 
As per claim 12: 

Mohammed et al. and Brody substantially teach the apparatus described in claim 8.. 
Furthermore, Brody teaches wherein said portable computing device is coupled to said host 
computer by an infrared device (par. 33, lines 25-30). 
As per claim 13: 

Mohammed et al. and Brody substantially teach the apparatus described in claim 8. 
Furthermore, Brody teaches wherein said portable computing device is coupled to said host 
computer by an RF enabled device (par. 33, lines 25-30). 
As per claim 15: 

Mohammed et al. and Brody substantially teach the apparatus described in claim 8. 
Mohammed et al. further teach wherein said validation program is configured to evaluate third- 
party software and attach a digital "valid" flag if said third-party software is found to be clean of 
known security compromising routines or attach a digital "invalid" flag to said third-party 
software if said third-party software is not found to be clean of known security compromising 
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routines (col. 18, line 35 - col. 19, linelS). 
As per claim 16: 

Mohammed et al. and Brody substantially teach the apparatus described in claim 15. 
Mohammed et al. further teach wherein said portable computing device is configured to load 
third-party software files with said digital "valid" flag attached and to refrain from loading third- 
party software files which have no flag attached or have said "invalid" flag attached (col. 19, 
lines 4-15). 
As per claim 17: 

Mohammed et al. and Brody substantially teach the apparatus described claim 15. 
Furthermore, Brody teaches wherein said portable computing device is a personal data assistant 
(par. 33, lines 1-30). 
As per claim 18: 

Mohammed et al. substantially teach an apparatus for ensuring the security of a computer 
system, comprising a validation program that is capable of validating said software by scanning 
the files of said software in a secure environment on the handheld computing device prior to 
operating the software in any environment on the handheld computing device (col. 18, line 56 - 
col. 19, line 5); marking said software as valid or invalid by the use of a digital signature flag 
(col. 18, line 63 - col. 19, line 15); and denying said software the ability to operate on any 
environment on said computer system if said validator fails to identify said software as valid in 
order to ensure the security of said computer system (col. 19, lines 4-12). Furthermore, 
Mohammed et al. teach that the computing environment allows for various computing systems, 
one of which may be a handheld device (col. 6, lines 21-26). 
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Not explicitly disclosed is wherein a handheld computing device couple to a network, 
wherein said handheld computing device is capable of loading software from said network to 
said handheld computing device for operating on said handheld computing device where the 
validation program resides on a network such that the validation program scans the software that 
is loaded in a secure environment before it is loaded onto the handheld computing device. 
However, Brody teaches a PDA coupled to a host computer (which is in a secure networked 
environment) for personalization purposes. Furthermore, Brody et al. teach that one of the steps 
during the personalization process may be to scan the software before allowing it to be 
downloaded to the PDA to prevent from downloading an application with malicious code (par. 
105). Therefore, it would have been obvious to a person in the art at the time the invention was 
made to modify the method disclosed in Mohammed et al. to have the hand-held device coupled 
to the host computer in order to carry out different functions on the portable device, where one of 
the functions includes the PDA having a validation program stored in a secure fashion in order to 
scan the software. This modification would have been obvious because a person having ordinary 
skill, in the art, at the time the invention was made, would have been motivated to do so since 
Brody suggests that PDA's are used in conjunction with PC's in order to download applications 
because PDA's are highly mobile and the client can always have access to his/her PDA, as well 
' as to validate an application before downloading it to the PDA, in par. 33, lines 1-30 and par. 
163. 

As per claim 20: 

Mohammed et al. and Brody substantially teach the apparatus described in claim 18. 
Mohammed et al. further teach wherein said portable computing device is configured to load 
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third-party software files with said digital "valid" flag attached and to refrain from loading third- 
party software files which have no flag attached or have said "invalid" flag attached (col. 19, 
lines 4-15). 
As per claim 21: 

Mohammed et al. and Brody substantially teach the apparatus described in claim 18. 
Mohammed et al. further teach wherein said validation program is configured to evaluate third- 
party software and attach a digital "valid" flag if said third-party software is found to be clean of 
known security compromising routines or attach a digital "invalid" flag to said third-party 
software if said third-party software is not found to be clean of known security compromising 
routines (col. 18, line 35 - col. 19, linel 5). 

III. Claims 6, 14, and 19 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Mohammed et al., US Patent No. 6,374,357 and Brody, US Pub. No. 2001/0051928 as applied to 
claims 1, 8, & 18 above, and further in view of Ginter et al., US Patent No. 6,948,070. 
As per claim 6: 

Mohammed et al. and Brody et al. substantially teach the method described in claim 1 . 
Not explicitly disclosed is wherein said validator program is specially constructed to reside in a 
secure fashion in the host facility of said computer system. However, Ginter et al. teach the use 
of a tamper-resistant security barrier which could be included in any component in a network so 
that processes are ensured to be carried out within a secure environment. Therefore, it would 
have been obvious to a person in the art at the time the invention was made to modify the method 
disclosed in Mohammed et al. for the validator program to be contained within a secure 
environment in order to ensure that it has not been tampered with so that it correctly validates the 
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software/application. This modification would have been obvious because a person having 
ordinary skill in the art, at the time the invention was made, would have been motivated to do so 
since Ginter et al. suggest that it is important to ensure that processes are carried out within a 
secure environment in col. 59, lines 48-59. 
As per claim 14: 

Mohammed et al. and Brody substantially teach the apparatus described in claim 8. Not 
explicitly disclosed is wherein said validation program resides in said host computer of the 
computer system in a fashion intended to be secure. However, Ginter et al. teach the use of a 
tamper-resistant security barrier which could be included in any component in a network so that 
processes are ensured to be carried out within a secure environment. Therefore, it would have 
been obvious to a person in the art at the time the invention was made to modify the apparatus 
disclosed in Mohammed et al. for the validator program to be contained within a secure 
environment in order to ensure that it has not been tampered with so that it correctly validates the 
software/application. This modification would have been obvious because a person having 
ordinary skill in the art, at the time the invention was made, would have been motivated to do so 
since Ginter et al. suggest that it is important to ensure that processes are carried out within a 
secure environment in col. 59, lines 48-59. 
As per claim 19: 

Mohammed et al. and Brody substantially teach the apparatus described in claim 18. Not 
explicitly disclosed is wherein said validation program resides in said computer network in a 
fashion intended to be secure. However, Ginter et al. teach the use of a tamper-resistant security 
barrier which could be included in any component in a network so that processes are ensured to 
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be carried out within a secure environment. Therefore, it would have been obvious to a person in 
the art at the time the invention was made to modify the apparatus disclosed in Mohammed et al. 
for the validator program to be contained within a secure environment in order to ensure that it 
has not been tampered with so that it correctly validates the software/application. This 
modification would have been obvious because a person having ordinary skill in the art, at the 
time the invention was made, would have been motivated to do so since Ginter et al. suggest that 
it is important to ensure that processes are carried out within a secure environment in col. 59, 
lines 48-59. 



* References Cited, Not Used 

The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

1. US Patent No. 6,694,436 

2. US Patent No. 5,953,502 

3. US Patent No. 7,080,407 

The above references have been cited because they are relevant due to the manner in which the 



invention has been claimed. 
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Conclusion 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Nadia Khoshnoodi whose telephone number is (571) 272-3825. 
The examiner can normally be reached on M-F: 8:00-4:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on (571) 272-3865. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



NASSER MOAZZAMI 
SUPERVISORY PATENT EXAMINES 
TECHNOLOGY CENTER 2100 





Nadia Khoshnoodi 
Examiner 
Art Unit 2137 
1/29/2008 



NK 



